NSE4_FGT-7.2 Free Practice Test

Which three statements are true regarding session-based authentication? (Choose three.)

1. A. HTTP sessions are treated as a single user.
2. B. IP sessions from the same source IP address are treated as a single user.
3. C. It can differentiate among multiple clients behind the same source IP address.
4. D. It requires more resources.
5. E. It is not recommended if multiple users are behind the source NAT

Correct Answer: ACD

Which three methods are used by the collector agent for AD polling? (Choose three.)

1. A. FortiGate polling
2. B. NetAPI
3. C. Novell API
4. D. WMI
5. E. WinSecLog

Correct Answer: BDE

Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

1. A. FTM
2. B. SSH
3. C. HTTPS
4. D. FortiTelemetry

Correct Answer: BC

Refer to the exhibits.
The exhibits contain a network diagram, and virtual IP, IP pool, and firewall policies configuration information.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled using IP pool.
The second firewall policy is configured with a VIP as the destination address.


Which IP address will be used to source NAT (SNAT) the internet traffic coming from a workstation with the IP address 10.0.1.10?

1. A. 10.200.1.1
2. B. 10.0.1.254
3. C. 10.200.1.10
4. D. 10.200.1.100

Correct Answer: D

Which three security features require the intrusion prevention system (IPS) engine to function? (Choose three.)

1. A. Web filter in flow-based inspection
2. B. Antivirus in flow-based inspection
3. C. DNS filter
4. D. Web application firewall
5. E. Application control

Correct Answer: ABE
https://docs.fortinet.com/document/fortigate/7.0.0/new-features/739623/dns-filter-handled-by-ips-engine-in-flow